Direct Store with paging grid in ExtJs4and DJN 2.0

Direct Store with paging grid in ExtJs4and DJN 2.0

It is mentioned in the DJN 2 user guide it donot support "baseparams" and we must adapt a way of form Submit/api ...

how ever I cannot get the Idea of how to use api?submit with a "direct Store" and directFn when using DJN ...
Is any body out there already developed a "Paging grid" or a buffered Grid ? what way is adapted to pass parameters to server's java function.

DirectJNgine 2.1 final is out!

DirectJNgine 2.1 final is out!

The 2.0 alpha 1 ended up being production ready, as I said in other posts in which I recommended to use it for production. But I think we all needed to see the "final" suffix, so here it is

I should have removed the 'alpha 1' suffix a long time ago, if only to provide reassurance, mea culpa. The released version just adds some additional tests and I made sure it passes all tests for ExtJs 4.1.0. Some new change in 4.1.0 broke a test that used to work in 4.0.x, and I had to change the test code accordingly.

The bump from 2.0 to 2.1 is to emphasize the fact that this one works with ExtJs 4.1.0, which is the version I feel we all should be using, due to the many fixes and improvements it sports.

DirectJNgine Security Manager

DirectJNgine Security Manager

Hi Pedro,
I'm exploring your directJNgine library and I have to say that I really like it! It really simplifies every day development, and I wanted to thank you for all the time you have spent on it providing a great library to all the world! The docs are brilliant and I've configured everything really fastly. Now that I have my remote methods (marked with the convenient @DirectMethod), that are usable from the client side, I was wondering how to implement a convenient way to manage the authorization level of each method.

In the perfect world I'd like to accomplish something like this:

Code:

@DirectMethod
@AccessLevel( level="Admin")
public String something()

I saw that I can access to the DirectJNgine servlet's context and session, but I wanted to ask you how do you implement the authentication internally and if it's possible to plug-in an external class to the DirectJNgine's servlet that implements a way of defining each access level. Ideally I think that the security manager has to be called by the DirectJNgine's servlet during the internal routing process, deciding whether to allow method execution or provide a standard exception (such as "403: forbidden") that is sent to the client. What do you think about this? I'm curious to hear your opinion.

Hi Pedro,
I'm exploring your directJNgine library and I have to say that I really like it! It really simplifies every day development, and I wanted to thank you for all the time you have spent on it providing a great library to all the world! The docs are brilliant and I've configured everything really fastly.

Thanks!

Originally Posted by alexMobimesh

Now that I have my remote methods (marked with the convenient @DirectMethod), that are usable from the client side, I was wondering how to implement a convenient way to manage the authorization level of each method.

In the perfect world I'd like to accomplish something like this:

Code:

@DirectMethod
@AccessLevel( level="Admin")
public String something()

I saw that I can access to the DirectJNgine servlet's context and session, but I wanted to ask you how do you implement the authentication internally and if it's possible to plug-in an external class to the DirectJNgine's servlet that implements a way of defining each access level. Ideally I think that the security manager has to be called by the DirectJNgine's servlet during the internal routing process, deciding whether to allow method execution or provide a standard exception (such as "403: forbidden") that is sent to the client. What do you think about this? I'm curious to hear your opinion.

Looking forward to hear from you,
Alex

I think that tinkering with DJN to handle security concerns is not a good idea, security is an orthogonal concern.

As a *quick* solution, you might be able to solve your issue by letting some other element check permisions and raise a security exception. DJN will pass it to the client with a message in an standard format that includes the exception type and its message.

Note that the message is referred to the "cause exception", not the last one in a exception stack, making it meaningful for that kind of processing .

Hi Pedro,
I already have developed my own Security manager that handles method-level permissions, but I need to intercept the calls to my method before they happen. By analyzing your source code, I've found that
every server side method is callled by the code on the line 144 of DispatcherBase class, that does the following:

Then a configuration parameter could be added to the web.xml file in which the developer could specify if it's going to use its own implementation of the security manager.
The configuration parameter could be something like this:

If this parameter is not defined in the web.xml, the default DJN security manager class will be used.
In this way DJN delegates to the developer the task of implementing its own security manager, but provides a more convenient and elegant way to do it.

What do you think about this proposal? I think that it's a minimal tweak to your code that could provide a powerful feature to your library.